About GWC Networks:
GWC Networks is a specialist IT & Cybersecurity systems integrator based in Dubai and India. We deliver cutting‑edge solutions to safeguard businesses from network outages and cyber threats. Partnering with leading vendors like SolarWinds, Group‑IB, GTB, OneLogin, KnowBe4, OpenText, ManageEngine, and more, we help organizations maintain secure, resilient IT environments.
Note:
This role is based in Dubai on a 1‑year contract (extendable). We provide visa and airfare, while all other allowances are included in the salary. Please apply only if you are willing to relocate to Dubai.
Role: Senior DevSecOps Engineer:
We’re looking for a dynamic, results-driven Security Engineer who Integrate security within CI/CD pipelines using automated SAST, DAST, and IaC scanning tools. Automate security controls, manage container (Docker/Kubernetes) security, and collaborate with development teams to enforce secure DevOps practices
Key Responsibilities:
- Embed security tools (SAST, DAST, IaC scanners) into CI/CD workflows using Jenkins, GitLab CI/CD, Azure DevOps.
- Automate security controls: container image scanning (Trivy, Hadolint), secret scanning (GitLeaks), infrastructure checks (Checkov, TFLint)
- Secure container environments (Docker, Kubernetes); collaborate on secure deployments.
- Work with dev/QA teams to shift-left security and enhance pipeline quality controls.
- Monitor, detect, and respond to security vulnerabilities and incidents.
- Conduct threat modeling, risk assessments, and remediation for code and infrastructure.
- Develop and maintain robust documentation, runbooks, and best-practice guides.
- Mentor and coach development teams in secure DevOps methodologies.
Experience: 7+ years DevOps/DevSecOps experience with 5+ years in CI/CD and security integration
Education: Bachelor’s degree (e.g., Computer Science, IT, Software Engineering, Systems Engineering); a relevant Master’s is a plus.
Requirements:
- Proficient with CI/CD tools (Jenkins, GitLab CI/CD, Azure DevOps).
- Expertise in Docker, Kubernetes, IaC (Terraform, Ansible, CloudFormation).
- Experience with SAST/DAST/IaC/secret scanning (e.g., SonarQube, OWASP ZAP, Checkov, Trivy, GitLeaks)
- Strong scripting skills (Python, Bash, Powershell).
- Solid knowledge of secure coding practices, container and runtime security frameworks (Falco), and compliance frameworks (OWASP, NIST, ISO) .
- Excellent communication, automation mindset, and mentoring ability.
Benefits:
- Competitive salary package based on experience and skillset.
- 12-month contract with possibility to extend based on performance and business needs.
- Opportunities to work on cutting-edge cloud security projects.
- Exposure to global clients and enterprise environments.
- Collaborative and growth-driven work culture.
- Visa and airfare provided; all other allowances included in salary.